From: Mike Jones <Michael.Jones@microsoft.com>
To: Antonio Sanso <asanso@adobe.com>
CC: Sergey Beryozkin <sberyozkin@gmail.com>, "oauth@ietf.org" <oauth@ietf.org>
Date: Thu, 16 Mar 2017 19:36:11 +0000
Message-ID: <CY4PR21MB050463E4943A4FF1FECDAF1AF5260@CY4PR21MB0504.namprd21.prod.outlook.com>
References: <mailman.539.1489455092.6649.oauth@ietf.org>
 <de3bdfc3f87fad59432f85f75db3d6b4@gluu.org>
 <814591e4-c21a-451b-cce9-e4f158f07c2e@gmail.com>
 <CY4PR21MB0504F80C01BF3378DE3794C6F5270@CY4PR21MB0504.namprd21.prod.outlook.com>
 <78BE56B7-0253-4635-AB46-F724A8536082@adobe.com>
 <CY4PR21MB0504E2A254D753F8BA3E99CBF5270@CY4PR21MB0504.namprd21.prod.outlook.com>,
 <1005993A-7250-4752-B5A6-AB718F246AED@adobe.com>
In-Reply-To: <1005993A-7250-4752-B5A6-AB718F246AED@adobe.com>
Content-Type: multipart/alternative;
 boundary="_000_CY4PR21MB050463E4943A4FF1FECDAF1AF5260CY4PR21MB0504namp_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/6wfcpp-aR2xIHnw3ScdxoisaQ1s>
Subject: Re: [OAUTH-WG] More Criticism of JOSE
List-Id: OAUTH WG <oauth.ietf.org>

--_000_CY4PR21MB050463E4943A4FF1FECDAF1AF5260CY4PR21MB0504namp_
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable

It would be great to talk to you at the OAuth security workshop, Antonio.



Cheers,

-- Mike



From: Antonio Sanso <asanso@adobe.com>
Sent: Thursday, March 16, 2017 1:31 AM
To: Mike Jones <Michael.Jones@microsoft.com>
Cc: Sergey Beryozkin <sberyozkin@gmail.com>; oauth@ietf.org
Subject: Re: [OAUTH-WG] More Criticism of JOSE



hi Mike

On Mar 15, 2017, at 10:06 PM, Mike Jones <Michael.Jones@microsoft.com> wrote:

> Will you be in Chicago, Antonio?  If so, maybe you can sit down with us and work on advice to implementers.

Unluckily not. FWIW I will be at https://zisc.ethz.ch/oauth-security-workshop-2017-cfp/. And I’d be glad to sit down with you and try to help if you are around….

regards

antonio


>
>                                Cheers,
>                                -- Mike
>
> -----Original Message-----
> From: Antonio Sanso [mailto:asanso@adobe.com]
> Sent: Wednesday, March 15, 2017 1:40 PM
> To: Mike Jones <Michael.Jones@microsoft.com>
> Cc: Sergey Beryozkin <sberyozkin@gmail.com>; oauth@ietf.org
> Subject: Re: [OAUTH-WG] More Criticism of JOSE
>
> hi Mike,
>
> while I am the original author of one of the mentioned articles in the blog post (http://blog.intothesymmetry.com/2017/03/critical-vulnerability-in-json-web.html) I do not share entirely the criticism.
> Said that, I must really admit that some of the cryptographic choices made especially in JWE are really questionable.
>
> regards
>
> antonio
>
> On Mar 15, 2017, at 8:50 PM, Mike Jones <Michael.Jones@microsoft.com> wrote:
>
>> The bulk of this seems to be about applications that don't verify that the crypto algorithms that were used in a JWT are acceptable in the application context.  While I know that some people would like crypto to be magic pixie dust that you can sprinkle on an application to get crypto goodness, it will never be that simple.  Crypto algorithms that are thought to be good today will be deprecated later.  Apps that keep allowing them to be used will be vulnerable.  The JOSE specs requiring that applications be aware of the algorithms used is a good and necessary thing for long-term security - not a problem with the specs.
>>
>> That said, of course some implementers will get things wrong.  To the extent that we can help them understand what they actually need to do to use the specifications securely, we obviously should.  Perhaps we should write an article for oauth.net talking about some of these issues?  Maybe a few of us can get together in Chicago and work on that.
>>
>> I'm looking forward to seeing many of you in 1.5 weeks!
>>
>>                               -- Mike
>>
>> -----Original Message-----
>> From: OAuth [mailto:oauth-bounces@ietf.org] On Behalf Of Sergey
>> Beryozkin
>> Sent: Wednesday, March 15, 2017 8:46 AM
>> To: oauth@ietf.org
>> Subject: Re: [OAUTH-WG] More Criticism of JOSE
>>
>> and everyone should now start using the most secure alternative
>> proposed in that very light in analysis article :-)
>>
>> Sergey
>> On 15/03/17 15:43, Mike Schwartz wrote:
>>> Sorry to be the bearer of bad news, but here's a negative review of JOSE:
>>>
>>> JOSE (Javascript Object Signing and Encryption) is a Bad Standard
>>> That Everyone Should Avoid
>>>
>>> https://paragonie.com/blog/2017/03/jwt-json-web-tokens-is-bad-standard-that-everyone-should-avoid
>>>
>>>
>>> - Mike
>>>
>>> _______________________________________________
>>> OAuth mailing list
>>> OAuth@ietf.org
>>> https://www.ietf.org/mailman/listinfo/oauth
>>
>
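
The point made earlier in the thread, that an application must check whether the algorithm used in a JWT is acceptable in its own context, is illustrated below as an added example (not code from any participant or from the JOSE specifications). The verifier consults an application-side allow-list before doing any cryptography; the key, claims and tokens are constructed, and HS384 merely stands in for an algorithm this hypothetical application has retired.

```python
import base64
import hashlib
import hmac
import json

# Application policy (constructed): delete an entry to retire an algorithm.
ACCEPTED_ALGS = {"HS256": hashlib.sha256}

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64url_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def make_token(header, claims, key, digest):
    """Build a compact JWS for the constructed samples below."""
    parts = [json.dumps(p, separators=(",", ":")).encode() for p in (header, claims)]
    signing_input = ".".join(b64url_encode(p) for p in parts)
    mac = hmac.new(key, signing_input.encode(), digest).digest() if digest else b""
    return signing_input + "." + b64url_encode(mac)

def verify(token, key, accepted=ACCEPTED_ALGS):
    """Return the claims or raise ValueError. The header's alg only selects
    among algorithms the application already accepts."""
    try:
        h64, p64, s64 = token.split(".")
        header = json.loads(b64url_decode(h64))
        signature = b64url_decode(s64)
    except ValueError as exc:
        raise ValueError("malformed token") from exc
    alg = header.get("alg") if isinstance(header, dict) else None
    digest = accepted.get(alg) if isinstance(alg, str) else None
    if digest is None:  # checked before any cryptographic operation
        raise ValueError(f"algorithm {alg!r} not accepted by this application")
    expected = hmac.new(key, f"{h64}.{p64}".encode(), digest).digest()
    if not hmac.compare_digest(expected, signature):
        raise ValueError("bad signature")
    return json.loads(b64url_decode(p64))

def outcome(token, key, accepted=ACCEPTED_ALGS):
    try:
        return verify(token, key, accepted)
    except ValueError as exc:
        return str(exc)  # rejection reason

# Constructed sample data: a demo key and three tokens over the same claims.
KEY = b"constructed-demo-key"
CLAIMS = {"sub": "alice"}
GOOD = make_token({"alg": "HS256"}, CLAIMS, KEY, hashlib.sha256)
RETIRED = make_token({"alg": "HS384"}, CLAIMS, KEY, hashlib.sha384)  # valid MAC, alg outside policy
UNSIGNED = make_token({"alg": "none"}, CLAIMS, KEY, None)

if __name__ == "__main__":
    for name, tok in (("GOOD", GOOD), ("RETIRED", RETIRED), ("UNSIGNED", UNSIGNED)):
        print(name, "->", outcome(tok, KEY))
```

The RETIRED token carries a correct MAC under the right key and is still rejected, which is the behaviour an application needs once it stops trusting an algorithm.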


--_000_CY4PR21MB050463E4943A4FF1FECDAF1AF5260CY4PR21MB0504namp_--

